mcg energy logo

Private Cloud
& Security

MCG’s Private Cloud is built to mission-critical, high availability standards. In order to achieve and exceed our SLA uptime commitment of 99.99% to all customers, we have built highly redundant individual datacenter sites, and then increased overall redundancy by using our multiple sites in an active-active architecture rather than an active-passive approach. MCG is also unique in offering a SaaS environment for hosted customers opting for a Perpetual License.

MCG Energy is now in agency review on FedRAMP Marketplace, and in process for FedRAMP authorization in 2023. This is the latest demonstration our commitment to the highest levels of security and compliance.

cloud

Private Cloud

MCG Energy maintains its own datacenters. While the majority of the SaaS marketplace employs third party infrastructure and hosting services, controlling our own datacenters positions MCG Energy to meet the ever evolving security and compliance requirements of the power industry without the limitations imposed by a third party provider for the Support and Maintenance of our customers. There’s no question of where to go for help. MCG handles it all.

MCG’s Private Cloud is NIST SP 800-53 r4 Mod Level complaint and both our applications and hosting are now maintained to FedRAMP standards and in review for FedRAMP authorization with United States Department of Energy sponsorship. Watch this website for updates.

Contact MCG Energy for more information

Security

MCG Energy manages our own datacenter infrastructure and security to ensure we meet the requirements of compliance agencies and our customers. Our rigorous auditing shows the many physical security and cybersecurity methods we employ. These efforts ensure the safety of our customers’ applications and data. MCG’s infrastructure and applications are constantly maintained to the highest security standards in the marketplace.

The operational functionality of MCG applications and the security of the entire system landscape – including all data – are architected, engineered, and built to be highly effective and user-friendly as a hosted solution in MCG Energy’s NIST SP 800-53 r4 compliant Private Cloud. Our security controls and SOC and NIST auditing programs cover datacenter infrastructure and applications. Now MCG Energy is adding FedRAMP authorization to our security and compliance programs. This will make MCG Energy unique in having both our datacenter hosting facilities and our software packages FedRAMP authorized. Many other providers will offer to put an application into the FedRAMP cloud facility of a hosting service like AWS or Azure. This is not enough when client agencies require the same level of FedRAMP security for the application itself. While competitors shift the responsibility for security to an external hosting provider, MCG Energy’s audit and authorization programs include our datacenters as well as our applications. Unlike other providers, there are no gaps or confusion when it comes to the security of our solutions.

Contact MCG Energy for more information
sever data center tech
sever data center tech

Compliance

In order to participate in the SaaS marketplace, vendors must be able to meet an ever expanding set of audit and regulatory requirements for customers. Since its entry into the SaaS marketplace, MCG Energy has rigorously pursued the implementation and maintenance of all audit standards needed by our customers. Now MCG Energy is preparing for FedRAMP authorization with United States Department of Energy sponsorship.

These are currently part of MCG Energy’s annual auditing program:

  • SOC 1
  • SOC 2
  • FISMA NIST SP 800-53 r4
  • External network penetration testing
  • Web/Application penetration testing

Audit reports are provided to our customers when available each year, and to prospective customers to review upon request. In addition to these annual reviews, FedRAMP requires ongoing monitoring and even stricter compliance as assurance for all customers, even those that do not yet require FedRAMP level security.

SOC/NIST compliance & FedRAMP preparations